Field
Aspects of the present invention generally relate to a technique for remote monitoring control of setting information of a network device.
Description of the Related Art
Conventionally, a technique exists where an information technology (IT) administrator remotely monitors whether a value of a setting made for each of a plurality of devices, such as image forming apparatuses, present on a network is changed to an unintended setting value.
For example, in Japanese Patent Application Laid-Open No. 2006-318207, a setting stored in a management server and a setting acquired from a device of a monitoring target are compared with each other. If the settings are different from each other, the setting stored in the management server is distributed to the device to change the setting of the device back to normal, thereby achieving a stable operation of the device.
Further, in Japanese Patent Application Laid-Open No. 2004-192625, the period of monitoring a setting of a device is set, and if an attempt is made to change the setting during the monitoring period, a change request is rejected, or a notification is provided to a user having set the monitoring, thereby preventing the setting of the device from being inadvertently changed.
In recent years, to ensure use according to the network environment and the security guidelines of an office environment, the function of managing setting information for forcibly preventing a setting regarding security from being changed has been provided in various devices. Such a function is generally termed a security policy.
Normally, to change a security policy, user authority superior to that for changing a setting in a conventional manner and a special password are required. However, a user having such authority may inadvertently change the security policy. Thus, the function of monitoring the security policy similarly to conventional setting monitoring is necessary. At this time, the security levels of the setting and the security policy are different from each other. Thus, the determination of whether to notify an administrator of a detected change or update a changed value to the previous value should also differ.
If the administrator is not appropriately notified of a change in the setting or the security policy, or a changed value is not appropriately updated to the previous value, this may hinder the monitoring work of the administrator and the maintenance of the security of a network device. For example, a large number of unnecessary notifications may be transmitted to the administrator, influencing the work of the administrator, and raising management costs. Further, the following situations may occur that threaten the security of the network device. For example, the administrator is not notified of a change in which the security risk is high, which the administrator should be notified of. Further, when the value of an item in which the security risk is high should be changed back to the previous value, the value is not changed back to the previous value.